Improvements In and Relating to Credential Transfer Methods



The present invention relates to credential transfer
methods, to methods of communication and to corresponding
systems. The present invention further relates to digital
credential indices.



In a distributed electronic network, such as the internet,
when a user approaches a service provider for a service
(which may, by way of example, be a financial transaction)
the service provider may require in order to provide this
service one or more credentials from the user. Generally
a credential is a data structure provided to the user
(sometimes referred to as the "bearer") for a purpose,
with some acknowledged way to verify the user's right to
use the credential. A credential normally will relate to
an attribute such as the identity of the bearer. For
instance, if the user is a customer seeking to purchase
goods from a service provider, the service provider may
require from the customer credit card details (credit card
type, credit card number, name on credit card and expiry
date), an address and perhaps other personal details such
as, say, a passport number or phone number. In order to
make a purchase from the service provider, the user must
provide the service provider with the details requested.



Such a method and system has several disadvantages.
First, it takes control away from the user/customer (the
term "user" from now on is intended to include reference to
"customer"). That is, the user does not have control over
the credentials to be provided.

Secondly, such a system and method is binary in the sense
that the service provider provides authorisation (i.e.
accepts the credentials) and allows the transaction to
proceed or does not. There is no middle ground.

Preferred embodiments of the present invention aim to 
obviate or overcome disadvantages of the prior art such as 
those described above. 

According to the present invention in a first aspect,
there is provided a credential transfer method for use on
a distributed electronic network, the method comprising
the steps of a sender communicating to a recipient a
credential index comprising an index referring to at least
one credential, the recipient selecting at least one of
the credentials from the index of at least one credential
provided by the sender, the recipient communicating to the
sender an indication of the selected at least one
credential and the sender providing to the recipient at
least one credential corresponding to the selected at
least one credential.

According to the present invention in a second aspect,
there is provided a method of communication for use on a
distributed electronic network, which method comprises a
credential transfer method according to the first aspect
of the invention.

According to the present invention in a third aspect,
there is provided a system configured and adapted to
operate according to the first or second aspects of the
invention.

According to the present invention in a fourth aspect,
there is provided a digital credential index comprising an
index to at least one credential.

The sender will generally, but not necessarily, be the
bearer of the credentials. The sender may send data to
the recipient directly or indirectly through a third
party. The recipient may send data to the sender directly
or indirectly through a third party. Reference to
"direct" communication is via a distributed electronic
network.

Suitably, the method comprises the additional step of
determining whether the at least one credential is
sufficient and communicating the result of the
determination to the sender.

Suitably, the method comprises the additional step of
determining a service level according to the at least one
credential indexed in the credential index and the
recipient communicating the service level to the sender.

Suitably, the sender communicates a plurality of
credential indices to the recipient.



Suitably, the method comprises the additional step of
determining a service level according to each of the
plurality of credential indices communicated to the
recipient by the sender and communicating the service
level corresponding to at least one of the credential
indices to the sender. Suitably, a service level is
communicated to the sender for each credential index
communicated to the recipient by the sender.


Suitably, the credential comprises a digital credential. 

Suitably, the credential index comprises indices to a 
plurality of credentials. 


Suitably, the method comprises the additional step of the 
sender selecting a credential index from a plurality of 
available credential indices. 

The present invention will now be described, by way of
example only, with reference to the drawings that follow,
in which:

Figure 1 is a schematic illustration of a distributed
electronic network illustrating features of embodiments of
the present invention.

Figure 2 is a functional flow diagram illustration of an 
embodiment of the present invention. 

Figure 3 is a schematic workflow diagram corresponding to
the embodiment shown in Figure 2.

Figure 4 is a functional flow diagram illustration of
another embodiment of the present invention.

Referring to Figure 1, there is shown a distributed
electronic network 2 comprising a user's terminal 4 (also
used to designate the user generally) in electronic
communication with a service provider 6 (the recipient)
via the internet, indicated schematically at 8. In this
embodiment the user 4 is the sender. It will be
appreciated that embodiments of the present invention can
be operated across other distributed electronic networks
such as wide area networks or local area networks.

The user 4 is the bearer of a plurality of digital 
credentials obtained previously. 



Referring to Figures 2 and 3 of the drawings that follow,
a first embodiment of the present invention will now be
described.

Figure 2 is a step-by-step flow diagram of the first
embodiment, while Figure 3 is a corresponding overview of
the workflow.



In step 200 (Figure 2) the user 4 creates a plurality of
different credential indices 300A-N. Embodiments of the
present invention can operate with a single credential
index 300, but in preferred embodiments the user generates
a plurality of credential indices 300 ready for submission
to service providers as desired. Each credential index
300 contains details of the credentials 302A-M the user 4
is willing to offer to the service provider 6. The
credentials 302A-M are those the user 4 has available for
selection to provide to a service provider. The number of
credentials 302 need not (and generally will not)
correspond to the number of credential indices 300. (For
the sake of clarity, not all credential indices nor
credentials are referenced in Figure 3.) So, for
instance, the user 4 may include in a first credential
index 300A reference to an address and credit card
details. In a second credential index 300B the user 4
may, for instance, include reference to a passport number
and a telephone number. In a third credential index 300C
the user 4 may, for instance, include reference to their
employer's name and address and their bank details. The
selection of which credentials 302 are referenced in
which credential index 300 is left to the user 4.


Credential indices 300 may contain simple reference to a
credential 302 or be descriptive of the credential 302.
For instance, the file of the credential may simply state
that the credentials 302 are the user's name and address
without giving any details of them. Alternatively or in
addition the credential indices 300 may contain thumbnails
of the relevant credentials. A thumbnail of a credential
is a portion of it, a summary or a constrained description
thereof. The key feature is that the credential itself is
not disclosed. For instance a credential index 300 may
include the first 12 digits of a credit card number or the
first line of an address. A credential index may,
alternatively, contain reference to, say, a credit card
number (without disclosing the number itself) and a credit
limit.



In an extreme example a credential index 300 may refer to
a single credential 302. For the purpose of the
embodiments described it is assumed that each credential
index 300 references a plurality of credentials 302.

In step 202, the user 4 generates a package of credentials
302 corresponding to those indicated to be available in
step 200. The credentials 302 may be generated separately
or be combined in a single credential document. This step
can take place earlier or later in the procedure up to
when the user 4 provides the credentials 302.

In step 204, the user 4, having decided to approach a
service provider 6 for a service, decides which credentials
302 he/she is willing to offer to the service provider 6
and provides a corresponding credential index to the
service provider 6. For the present embodiment, the user
4 offers credentials 302A and 302B referred to in a
credential index 300A. The credentials 302 the user 4 is
willing to offer to the service provider 6 may vary, for
instance, because of the user's confidence in the security
of the site and/or the user's knowledge of the service
provider involved in the transaction.

In step 206 the service provider 6, upon receipt of the
credential index 300A from the user 4, reviews the
credentials 302A and 302B offered and decides (the decision
making process may be automated) whether the type of
credentials offered are sufficient to enable the service
provider 6 to provide the service requested. If the
service provider 6 is willing to accept the credentials
302A and 302B for the service it responds, in step 208,
that the credentials 302A and 302B offered in the
credential index 300A are acceptable and, in step 210, the
user 4 transmits the credentials 302A and 302B
corresponding to those referred to in the credential index
300A to the service provider 6. The service provider 6
then, in step 212, provides the corresponding service.

If, at step 206, the service provider 6 decides that the
credentials 302A and 302B offered in the credential index
300A are not sufficient for the service provider 6 to
provide the service, it informs the user 4 to that effect.
The user 4 then has the choice of either providing a new
index of credentials (see step 204) or terminating the
transaction.

Alternatively, the service provider 6 may just select one
of the credentials 302A or 302B and indicate that this is
sufficient for a transaction. The user 4 then transmits
the relevant credential to the service provider 6.

Referring to Figure 4 of the drawings that follow, a
further embodiment of the present invention is
illustrated. In Figure 4 the steps 400 to 404 correspond
to those of steps 200 to 204 in relation to Figure 2 and
so will not be explained in detail here.

In step 406 the recipient 6 determines what service level
is appropriate to the credentials 302 offered in the
credential index 300 supplied by the user 4. So, for
instance, in the case of the user 4 requesting a service
for financial consideration, if the user 4 communicates to
the recipient 6 a credential index 300 referring to credit
card details and an address, the service provider 6
determines how much credit it will extend to the user 4,
saying it will offer services to a value up to £1,000, and
communicates this to the user 4 in step 408. Steps 410
and 412 correspond to steps 210 and 212 in Figure 2.

The determination by the service provider in step 406 may
be to offer no service at all or some other service level,
such as only offering certain types of service (say if
products can only be supplied to those of a minimum age).

If the user 4 is not satisfied with the service level
proposed by the service provider 6 at step 408, the user 4
can re-institute the procedure to seek another service
level offer from the service provider 6.

In a modification of the embodiment of Figure 4, in step
404 the user 4 can provide to service provider 6 a
plurality of credential indices 300 from which (as
described in relation to Figure 4) the service provider 6
determines for each credential index a corresponding
service level the service provider is willing to offer.
The service provider 6 therefore communicates to the user
4 a plurality of service level indicators linked (or
otherwise cross-referenced) to the corresponding
credential indices, respectively. The user 4 then
determines which service level it wishes to select based
on the user's assessment of the credentials required by
the service provider 6 for the corresponding service. The
user 4 then communicates the credential 302 to the service
provider 6 (step 410).
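
The exchange of Figures 2 and 4, including the plural-index modification, as an added example that is not part of the specification: indices carry only references or thumbnails, the provider answers with one service level per index, and the user releases only credentials the chosen index offered. The credential values, the policy table and all function names are assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed bearer credentials (all values are made up for this example).
CREDENTIALS = {
    "credit_card": "4111111111111111 exp 12/30",
    "address": "1 Example Street\nSampletown\nEX1 2MP",
    "passport": "X0000000",
    "phone": "+44 0000 000000",
}

@dataclass(frozen=True)
class CredentialIndex:
    index_id: str
    entries: dict  # credential type -> thumbnail or description, never the credential

def make_index(index_id, kinds):
    """Steps 200/400: reference credentials; the address thumbnail is its first line."""
    thumbs = {k: CREDENTIALS[k].splitlines()[0] if k == "address" else "available"
              for k in kinds}
    return CredentialIndex(index_id, thumbs)

# Hypothetical provider policy: required credential types -> service level offered.
POLICY = [
    ({"credit_card", "address"}, "services up to £1,000"),
    ({"passport", "phone"}, "age-restricted products"),
]

def provider_offers(indices):
    """Steps 406/408: one service level per index, cross-referenced by index id."""
    return {
        idx.index_id: next(
            (level for need, level in POLICY if need <= set(idx.entries)), "no service")
        for idx in indices
    }

def release(sent, index_id, selected):
    """Steps 210/410: hand over only credentials that the chosen index offered."""
    index = sent.get(index_id)
    if index is None:
        raise ValueError("unknown credential index")
    extra = set(selected) - set(index.entries)
    if extra:
        raise ValueError(f"not offered in {index_id}: {sorted(extra)}")
    return {kind: CREDENTIALS[kind] for kind in selected}

if __name__ == "__main__":
    sent = {i.index_id: i for i in (make_index("300A", ["credit_card", "address"]),
                                    make_index("300B", ["passport", "phone"]))}
    print(provider_offers(sent.values()))
    print(release(sent, "300A", ["address"]))
```

The check in `release` is the user-side control the description relies on: a provider response naming a credential outside the offered index is rejected rather than honoured.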

Preferred embodiments of the present invention put into
the control of the user the decision of which credential
to provide to a service provider.

Further, an exchange of information takes place between
user and service provider enabling the user to find a
suitable service level according to the credentials the
user is willing to provide to the service provider.

It is noted that although reference is made to a "service
provider" in the preferred embodiments, the recipient of
communication need not be the actual provider of the
service.

Communications for the present invention may be encrypted.

The reader's attention is directed to all papers and
documents which are filed concurrently with or previous to
this specification in connection with this application and
which are open to public inspection with this
specification, and the contents of all such papers and
documents are incorporated herein by reference.

All of the features disclosed in this specification
(including any accompanying claims, abstract and
drawings), and/or all of the steps of any method or
process so disclosed, may be combined in any combination,
except combinations where at least some of such features
and/or steps are mutually exclusive.

Each feature disclosed in this specification (including
any accompanying claims, abstract and drawings), may be
replaced by alternative features serving the same,
equivalent or similar purpose, unless expressly stated
otherwise. Thus, unless expressly stated otherwise, each
feature disclosed is one example only of a generic series
of equivalent or similar features.

The invention is not restricted to the details of the
foregoing embodiment(s). The invention extends to any novel
one, or any novel combination, of the features disclosed
in this specification (including any accompanying claims,
abstract and drawings), or to any novel one, or any novel
combination, of the steps of any method or process so
disclosed.



